Thursday, October 21, 2010

How to grant "Allow log on through Terminal Services" right

This is often a pesky problem that I have to search for so I'm adding it to my blog as reference and for any others that may have the same issue. I've found that adding a user to the Remote Desktop Users group alone does not allow them to logon to a server via RDP unless they are also in the Administrators group. If you don't want the user in the Administrators group you can follow the directions below to allow them access.

1.Open gpedit.msc (the local group policy editor)
2.Expand Local Computer Policy –> Computer Configuration –> Windows Settings –> Security Settings –> Local Policies –> User Rights Management
3.Look for the setting on the right called "Allow log on through Remote Desktop Services"
4.Double click that policy
5.Add the user or group you would like to have remote access to the box. I personally added the Remote Desktop Users group.